Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by TimTa on di 18-08-2015 at 20:27:28,21.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\TimTa\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

18-8-2015 20:30:03 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\Fotoservice deleted successfully
C:\Program Files\ATI Technologies deleted successfully
C:\Program Files\Google deleted successfully
C:\Program Files\Common Files\AV deleted successfully
C:\PROGRA~3\AMD deleted successfully
C:\PROGRA~3\CanonEPP deleted successfully
C:\PROGRA~3\CanonIJEPPEX2 deleted successfully
C:\Users\TimTa\AppData\Roaming\BitTorrent deleted successfully
C:\Users\TimTa\AppData\Roaming\MPC-HC deleted successfully
C:\Users\TimTa\AppData\Roaming\RavensburgerTipToi deleted successfully
C:\Users\TimTa\AppData\Roaming\TeamViewer deleted successfully
C:\Users\TimTa\AppData\Local\Bundled software uninstaller deleted successfully
C:\Users\TimTa\AppData\Local\Downloaded Installations deleted successfully
C:\Users\TimTa\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\TimTa\AppData\Local\EmieSiteList deleted successfully
C:\Users\TimTa\AppData\Local\EmieUserList deleted successfully
C:\Users\TimTa\AppData\Local\QuickPar deleted successfully
C:\Users\TimTa\AppData\Local\Secunia PSI deleted successfully
C:\Users\TimTa\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Fotoservice not found
C:\Users\TimTa\.android deleted
C:\PROGRA~2\Universal Media Server deleted
C:\prefs.js deleted
C:\found.000 deleted
C:\Users\TimTa\AppData\Roaming\ARCompanion.log deleted
C:\PROGRA~3\AVG Security Toolbar deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\Package Cache deleted
C:\end deleted
"C:\ComboFix.txt" deleted
"C:\Windows\Installer\437a1.msi" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2015-08-14 19:22:14 B32189BDFF6E577A92BAA61AD49264E6 193536 ----a-w- C:\Windows\notepad.exe
====== C:\Users\TimTa\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
2015-08-17 19:08:25 E5805896A55D4166C20F216249F40FA3 26528 ----a-w- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
====== C:\Windows\Tasks ======
2015-08-17 19:08:39 281DE2432B9A6C8D23062069A0B67205 2874 ----a-w- C:\Windows\Sysnative\Tasks\Driver Booster SkipUAC (TimTa)
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-08-17 11:06:03 -------- d-----w- C:\Program Files\trend micro
2015-07-30 18:48:22 -------- d-----w- C:\Program Files\Common Files\ATI Technologies
2015-07-30 18:47:17 -------- d-----w- C:\Program Files\AMD
======= C:\PROGRA~2 =====
2015-08-01 20:19:48 -------- d-----w- C:\PROGRA~2\TeamSpeak 3 Client
2015-07-30 18:53:14 -------- d-----w- C:\PROGRA~2\COMMON~1\ATI Technologies
2015-07-30 18:51:15 -------- d-----w- C:\PROGRA~2\AMD
======= C: =====
====== C:\Users\TimTa\AppData\Roaming ======
2015-08-17 19:08:24 -------- d-----w- C:\Users\TimTa\AppData\Locallow\IObit
2015-08-17 19:08:22 -------- d-----w- C:\Users\TimTa\AppData\Roaming\IObit
2015-08-17 10:05:31 -------- d-----w- C:\Users\Public\AppData\Local\temp
2015-08-17 10:05:31 -------- d-----w- C:\Users\Default\AppData\Local\temp
2015-08-17 10:05:31 -------- d-----w- C:\Users\Default User\AppData\Local\temp
2015-08-17 10:05:31 -------- d-----w- C:\Users\.TemporaryItems\AppData\Local\temp
2015-07-30 14:25:21 -------- d-----w- C:\Users\TimTa\AppData\Local\Steam
2015-07-30 14:25:21 -------- d-----w- C:\Users\TimTa\AppData\Local\CEF
====== C:\Users\TimTa ======
2015-08-17 19:08:24 -------- d-----w- C:\ProgramData\IObit
2015-08-17 10:05:31 -------- d-----w- C:\Users\Public\AppData
2015-08-17 10:05:31 -------- d-----w- C:\Users\.TemporaryItems\AppData
2015-08-01 20:19:52 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-07-30 18:53:18 -------- d-----w- C:\ProgramData\ATI
2015-07-30 18:52:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
====== C: exe-files ==
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BCSSync" "hkey"="HKLM" "command"="\"C:\\Program Files\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BitTorrent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BitTorrent" "hkey"="HKCU" "command"="\"C:\\Users\\TimTa\\AppData\\Roaming\\BitTorrent\\BitTorrent.exe\" /MINIMIZED" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CanonMyPrinter] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CanonMyPrinter" "hkey"="HKLM" "command"="C:\\Program Files\\Canon\\MyPrinter\\BJMyPrt.exe /logon" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CanonSolutionMenuEx] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CanonSolutionMenuEx" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Canon\\Solution Menu EX\\CNSEMAIN.EXE /logon" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CCleaner Monitoring" "hkey"="HKCU" "command"="\"C:\\Program Files\\CCleaner\\CCleaner64.exe\" /MONITOR" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CitrixReceiver] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CitrixReceiver" "hkey"="HKLM" "command"="\"C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Citrix\\Receiver Updater.lnk\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ConnectionCenter] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ConnectionCenter" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Citrix\\ICA Client\\concentr.exe\" /startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DAEMON 
Tools Lite" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\DAEMON Tools Lite\\DTLite.exe\" -autorun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HydraVisionDesktopManager] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HydraVisionDesktopManager" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\ATI Technologies\\HydraVision\\HydraDM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NBAgent] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NBAgent" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Nero\\Nero 11\\Nero BackItUp\\NBAgent.exe\" /WinStart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Plex Media Server] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Plex Media Server" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Plex\\Plex Media Server\\Plex Media Server.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Redirector] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Redirector" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Citrix\\ICA Client\\redirector.exe\" /startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify" "hkey"="HKCU" "command"="\"C:\\Users\\TimTa\\AppData\\Roaming\\Spotify\\spotify.exe\" /uri spotify:autostart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify Web Helper" "hkey"="HKCU" "command"="\"C:\\Users\\TimTa\\AppData\\Roaming\\Spotify\\SpotifyWebHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SunJavaUpdateSched" "hkey"="HKLM" "command"="\"C:\\Program Files 
(x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TomTomHOME.exe" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\TomTom HOME 2\\TomTomHOMERunner.exe\" -s" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\XboxStat] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="XboxStat" "hkey"="HKLM" "command"="\"C:\\Program Files\\Microsoft Xbox 360 Accessories\\XboxStat.exe\" silentrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Secunia PSI Tray.lnk" "backup"="C:\\Windows\\pss\\Secunia PSI Tray.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~2\\Secunia\\PSI\\psi_tray.exe " "item"="Secunia PSI Tray" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^TimTa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Verzenden naar OneNote.lnk] "path"="C:\\Users\\TimTa\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Verzenden naar OneNote.lnk" "backup"="C:\\Windows\\pss\\Verzenden naar OneNote.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\PROGRA~1\\MICROS~1\\Office15\\ONENOTEM.EXE /tsr" "item"="Verzenden naar OneNote" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [11-08-2015 20:41] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" 
["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\Driver Booster SkipUAC (TimTa)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe] "C:\Windows\SysNative\tasks\klcp_update" ["C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe"] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions ====================== ProfilePath: C:\Users\TimTa\AppData\Roaming\TomTom\HOME\Profiles\9cyu603w.default - Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com ==== Firefox Plugins ====================== ==== Fake Chromium Profiles Check ====================== Fake profile C:\Users\TimTa\AppData\Local\Google\Chrome deleted ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.ajaxshowtime.com/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.ajaxshowtime.com/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{1684C430-5634-4044-88AB-8AB64F0E2265}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" {1684C430-5634-4044-88AB-8AB64F0E2265} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}&rlz=" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\358CA8E5BB5699C40AE9918B81151EC4 deleted successfully 
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5E8AC853-65BB-4C99-A09E-19B81851E14C} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\358CA8E5BB5699C40AE9918B81151EC4 deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HydraVisionDesktopManager deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\TimTa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\TimTa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== No Chrome Cache found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=47 folders=37 138895424 bytes) ==== Empty Temp Folders ====================== C:\Users\.TemporaryItems\AppData\Local\temp emptied successfully C:\Users\Default\AppData\Local\temp emptied successfully C:\Users\Default User\AppData\Local\temp emptied successfully C:\Users\Public\AppData\Local\temp emptied successfully C:\Users\TimTa\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied 
successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\TimTa\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on di 18-08-2015 at 21:43:00,88 ======================